Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arbitrary vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2009-4819
Multiple unrestricted file upload vulnerabilities in upload.php in PHPhotoalbum allow remote malicious users to execute arbitrary code by uploading a file with a (1) .php.pgif or (2) .php.pjpeg double extension, then accessing it via a direct request to the file in albums/userpic...
Stoverud Phphotoalbum 0.5
Stoverud Phphotoalbum 0.4
Stoverud Phphotoalbum 0.3
1 EDB exploit
187
VMScore
CVE-2014-0243
Check_MK up to and including 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.
Check Mk Project Check Mk 1.2.5
Check Mk Project Check Mk
655
VMScore
CVE-2017-14840
TeamWork TicketPlus allows Arbitrary File Upload in updateProfile.
Teamworktec Ticketplus -
1 EDB exploit
505
VMScore
CVE-2015-4181
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 up to and including 2.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely fro...
Phpmybackuppro Phpmybackuppro 2.2
Phpmybackuppro Phpmybackuppro 2.3
Phpmybackuppro Phpmybackuppro 2.4
Phpmybackuppro Phpmybackuppro 2.1
Phpmybackuppro Phpmybackuppro 2.5
1 EDB exploit
755
VMScore
CVE-2005-1629
SQL injection vulnerability in member.php for Photopost PHP Pro allows remote malicious users to execute arbitrary SQL commands via the verifykey parameter.
Photopost Photopost Php Pro 3.1
Photopost Photopost Php Pro 3.2
Photopost Photopost Php Pro 5.0 Rc3
Photopost Photopost Php Pro 4.0
Photopost Photopost Php Pro 4.6
Photopost Photopost Php Pro 3.3
Photopost Photopost Php Pro 4.1
Photopost Photopost Php Pro 4.8.1
1 EDB exploit
755
VMScore
CVE-2004-1456
filediff in CVStrac allows remote malicious users to execute arbitrary commands via shell metacharacters in rcsinfo.
Cvstrac Cvstrac 1.1.3
Cvstrac Cvstrac 1.1
Cvstrac Cvstrac 1.1.1
Cvstrac Cvstrac 1.1.2
1 EDB exploit
665
VMScore
CVE-2008-6942
Unrestricted file upload vulnerability in ScriptsFeed Realtor Classifieds System (aka Real Estate Classifieds) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to...
Scriptsfeed Realtor Classifieds System -
3 EDB exploits
665
VMScore
CVE-2008-6944
Unrestricted file upload vulnerability in ScriptsFeed Auto Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile logo, then accessing it via a direct request to the file in cars_images/.
Scriptsfeed Auto Classifieds -
3 EDB exploits
665
VMScore
CVE-2008-6943
Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a recipe photo, then accessing it via a direct request to the file in pictures/.
Scriptsfeed Recipes Listing Portal
3 EDB exploits
650
VMScore
CVE-2006-1114
Multiple directory traversal vulnerabilities in Loudblog prior to 0.42 allow remote malicious users to read or include arbitrary files via a .. (dot dot) and trailing %00 (NULL) byte in the (1) template and (2) page parameters in (a) index.php, and the (3) language parameter in (...
Gerrit Van Aaken Loudblog 0.41
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »